Plataforma
php
Componente
sentrifugo
Corrigido em
3.2.1
CVE-2024-29873 describes a critical SQL injection vulnerability discovered in Sentrifugo versions 3.2. This flaw allows a remote attacker to inject malicious SQL queries, potentially leading to complete data exfiltration from the system. The vulnerability resides within the /sentrifugo/index.php/reports/businessunits/format/html endpoint, specifically the 'bunitname' parameter. Affected users should immediately upgrade to version 3.2.1 to mitigate this risk.
The impact of this SQL injection vulnerability is severe. A successful exploit allows an attacker to bypass authentication and authorization controls, directly querying the underlying database. This could result in the complete compromise of sensitive data, including user credentials, financial information, and business-critical reports. The attacker could potentially modify or delete data, leading to data integrity issues and operational disruption. Given the ease of SQL injection exploitation, this vulnerability presents a significant risk, especially if the database contains sensitive information or is exposed to the internet. While no direct precedent is immediately obvious, the potential for widespread data compromise mirrors the impact of other high-profile SQL injection attacks.
CVE-2024-29873 was publicly disclosed on March 21, 2024. The vulnerability's severity (CVSS 9.8) indicates a high probability of exploitation. As of this writing, no public proof-of-concept (PoC) code has been released, but the ease of SQL injection exploitation suggests that a PoC is likely to emerge. It is not currently listed on CISA KEV, but its criticality warrants close monitoring. Active campaigns targeting Sentrifugo are not currently confirmed, but the vulnerability's ease of exploitation makes it an attractive target.
Organizations using Sentrifugo 3.2 in production environments are at significant risk. Particularly vulnerable are deployments where the application is exposed directly to the internet or shares a network with other sensitive systems. Shared hosting environments where multiple users share the same Sentrifugo instance are also at increased risk, as a compromise of one user's account could potentially lead to the compromise of the entire system.
• php: Examine web server access logs for requests to /sentrifugo/index.php/reports/businessunits/format/html with unusual or malformed 'bunitname' parameters. Look for patterns indicative of SQL injection attempts (e.g., ' OR 1=1 --).
• generic web: Use curl to test the endpoint with various SQL injection payloads: curl 'http://your-sentrifugo-server/sentrifugo/index.php/reports/businessunits/format/html?bunitname=test' OR 1=1 --
• database (mysql): If database access is possible, check for unusual or unauthorized database queries in the MySQL error logs. Look for queries that might have been injected by an attacker.
• generic web: Review error logs for database connection errors or SQL syntax errors that might indicate an attempted injection.
disclosure
patch
Status do Exploit
EPSS
0.78% (percentil 74%)
CISA SSVC
Vetor CVSS
The primary mitigation for CVE-2024-29873 is to immediately upgrade Sentrifugo to version 3.2.1 or later. If upgrading is not immediately feasible due to compatibility issues or downtime concerns, consider implementing temporary workarounds. Input validation and sanitization on the 'bunitname' parameter are crucial. Web application firewalls (WAFs) configured to detect and block SQL injection attempts can provide an additional layer of defense. Monitor database logs for suspicious SQL queries that might indicate an attempted exploitation. Restrict database user permissions to the minimum necessary for Sentrifugo’s operation. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection payload on the affected endpoint and verifying that it is properly sanitized.
Actualizar Sentrifugo a una versión posterior a la 3.2 que corrija la vulnerabilidad de inyección SQL. Si no hay una versión disponible, considerar la posibilidad de aplicar un parche de seguridad o deshabilitar la funcionalidad afectada hasta que se publique una solución.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2024-29873 is a critical SQL injection vulnerability in Sentrifugo version 3.2, allowing attackers to extract data via crafted queries. It affects the 'bunitname' parameter in the reports endpoint.
Yes, if you are running Sentrifugo version 3.2, you are affected by this vulnerability. Upgrade to version 3.2.1 or later to mitigate the risk.
The recommended fix is to upgrade to Sentrifugo version 3.2.1 or later. Temporary workarounds include input validation and WAF rules.
While no active campaigns are confirmed, the ease of exploitation suggests a high likelihood of exploitation. Monitor your systems closely.
Refer to the Sentrifugo project's official website or security advisories for the latest information and updates regarding CVE-2024-29873.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.